abstract |
A method of filtering a tunneled data packet comprising an outer header and an outer payload, the outer payload comprising an inner data packet comprising an inner header and an inner payload, where the value of at least one outer header field of the tunneled data packet is matched to a first rule, and the action defined in the first rule is taken. Taking the action defined in the first rule comprises detecting the inner data packet within the tunneled data packet, matching the value of at least one field of the inner data packet to a second rule, and taking the action defined in the second rule. |